DE602004002950D1 - Method and device for access control - Google Patents

Method and device for access control

Info

Publication number
DE602004002950D1
DE602004002950D1 DE602004002950T DE602004002950T DE602004002950D1 DE 602004002950 D1 DE602004002950 D1 DE 602004002950D1 DE 602004002950 T DE602004002950 T DE 602004002950T DE 602004002950 T DE602004002950 T DE 602004002950T DE 602004002950 D1 DE602004002950 D1 DE 602004002950D1
Authority
DE
Germany
Prior art keywords
access control
data communication
communication network
access
control unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE602004002950T
Other languages
German (de)
Other versions
DE602004002950T2 (en
Inventor
Sreekanth Natarajan
Ludwig Alice Julienne Pauwels
Cnodder Stefaan Jozef De
Nagi Reddy Jonnala
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alcatel Lucent SAS
Original Assignee
Alcatel CIT SA
Alcatel SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alcatel CIT SA, Alcatel SA filed Critical Alcatel CIT SA
Publication of DE602004002950D1 publication Critical patent/DE602004002950D1/en
Application granted granted Critical
Publication of DE602004002950T2 publication Critical patent/DE602004002950T2/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4645Details on frame tagging
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/104Grouping of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/167Adaptation for transition between two IP versions, e.g. between IPv4 and IPv6
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
  • Vehicle Body Suspensions (AREA)
  • Selective Calling Equipment (AREA)

Abstract

The present invention relates to an access control unit (21) of a data communication network (61) comprising an access control means (101) adapted to receive an authorization (111) from an authentication server (51), whereby a particular user (15) is authorized to access said data communication network, and thereupon to grant said particular user an access (106) to said data communication network. An access control unit according to the invention is characterized in that said access control means is further adapted to derive, from an additional information element (112) encoded into said authorization, an association (114) for said particular user between a particular payload type (Ipv6) and a particular virtual network (VLAN2) overlaying over said data communication network, and in that said access control unit further comprises a frame classifier (102) coupled to said access control means (via 103), and adapted to tag particular untagged frames (121) entering said data communication network, related to said particular user and carrying said particular payload type, with a particular virtual network identifier (VID2) of said particular virtual network. The present invention also relates to a method for controlling the access to a data communication network, and to an authentication server for use in cooperation with the access control unit.
DE602004002950T 2004-08-05 2004-08-05 Method and device for access control Expired - Lifetime DE602004002950T2 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP04291996A EP1624638B1 (en) 2004-08-05 2004-08-05 Access control method and apparatus

Publications (2)

Publication Number Publication Date
DE602004002950D1 true DE602004002950D1 (en) 2006-12-07
DE602004002950T2 DE602004002950T2 (en) 2007-07-05

Family

ID=34931324

Family Applications (1)

Application Number Title Priority Date Filing Date
DE602004002950T Expired - Lifetime DE602004002950T2 (en) 2004-08-05 2004-08-05 Method and device for access control

Country Status (5)

Country Link
US (1) US20060031925A1 (en)
EP (1) EP1624638B1 (en)
CN (1) CN100534034C (en)
AT (1) ATE343892T1 (en)
DE (1) DE602004002950T2 (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7961622B2 (en) * 2005-09-02 2011-06-14 Tekelec Methods, systems, and computer program products for monitoring and analyzing signaling messages associated with delivery of streaming media content to subscribers via a broadcast and multicast service (BCMCS)
EP1885139A1 (en) * 2006-08-02 2008-02-06 Nokia Siemens Networks Gmbh & Co. Kg Aggregation switch, method of operating an aggregation switch and corresponding computer program product
CN101132307B (en) * 2006-08-22 2010-12-01 华为技术有限公司 Control system, control method and control device
JP4803116B2 (en) * 2007-05-31 2011-10-26 富士ゼロックス株式会社 Virtual network connection device and program
US20110103396A1 (en) 2009-10-29 2011-05-05 International Business Machines Corporation Selective link aggregation in a virtualized environment
WO2012032606A1 (en) 2010-09-07 2012-03-15 富士通株式会社 Frame concatenation device
US8819235B2 (en) 2010-10-20 2014-08-26 International Business Machines Corporation Multi-adapter link aggregation for adapters with hardware based virtual bridges
US9100215B2 (en) * 2011-07-29 2015-08-04 Aruba Networks, Inc. Managing multiple virtual network memberships
DE102011080676A1 (en) * 2011-08-09 2013-02-14 Siemens Aktiengesellschaft Configuration of a communication network
US9210079B2 (en) * 2012-08-14 2015-12-08 Vmware, Inc. Method and system for virtual and physical network integration
CN105306353A (en) * 2014-07-29 2016-02-03 华为技术有限公司 Method, equipment and system for forwarding message
CN110958334B (en) * 2019-11-25 2022-08-09 新华三半导体技术有限公司 Message processing method and device

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6085238A (en) * 1996-04-23 2000-07-04 Matsushita Electric Works, Ltd. Virtual LAN system
US6035405A (en) * 1997-12-22 2000-03-07 Nortel Networks Corporation Secure virtual LANs
US6661791B1 (en) * 1999-12-28 2003-12-09 Mosaid Technologies, Inc. Method and apparatus for generating forward overrides in a packet switch
US6990106B2 (en) * 2001-03-19 2006-01-24 Alcatel Classification and tagging rules for switching nodes
US20030217148A1 (en) * 2002-05-16 2003-11-20 Mullen Glen H. Method and apparatus for LAN authentication on switch
US7530112B2 (en) * 2003-09-10 2009-05-05 Cisco Technology, Inc. Method and apparatus for providing network security using role-based access control

Also Published As

Publication number Publication date
DE602004002950T2 (en) 2007-07-05
CN100534034C (en) 2009-08-26
US20060031925A1 (en) 2006-02-09
CN1731725A (en) 2006-02-08
ATE343892T1 (en) 2006-11-15
EP1624638A1 (en) 2006-02-08
EP1624638B1 (en) 2006-10-25

Similar Documents

Publication Publication Date Title
ATE343892T1 (en) METHOD AND DEVICE FOR ACCESS CONTROL
WO2006057772B1 (en) Method and system for including network security information in a frame
DE50211063D1 (en) METHOD AND DEVICE FOR AUTHENTICATED ACCESS OF A STATION ON LOCAL DATA NETWORKS, IN PARTICULAR RADIO DATA NETWORKS
WO2005036321A3 (en) A system and method for accessing network and data services
ATE372558T1 (en) METHOD FOR CONTROLLING ACCESS TO DIGITAL CONTENT AND STREAMING MEDIA
ATE300837T1 (en) SERVER AND METHOD FOR PROVIDING CONTENT USING A SERVER
ATE377889T1 (en) METHOD, SYSTEM AND NETWORK ELEMENT FOR AUTHORIZING DATA TRANSFER
HK1040152A1 (en) Method of for providing secure communication of digital data between devices
WO2004080096A3 (en) User plane-based location services (lcs) system, method and apparatus
WO2004015542A3 (en) Method for controlling access to informational objects
PL359840A1 (en) Method of remote change of communication password
DE60317753D1 (en) Method and apparatus for automatic client authentication in a wireless network protected by PEAP, EAP-TLS or other extensible authentication protocols
BR9806769A (en) Secure access method for accessing a private data communication network by a remote communication station in a process for data communication and device to selectively allow access to a private data communication network by a remote communication station in a system radio communication
CN108701384B (en) Method for monitoring access to electronically controllable devices
EP1445679A3 (en) Authentication surety and decay system and method
ATE453291T1 (en) METHOD FOR OBTAINING ONLINE INFORMATION FROM A USER
HK1070505A1 (en) System and method for controlling a mobile terminal
WO2006107885A3 (en) Method and apparatus for admission control and resource tracking in a wireless communication system
AU2002340554A1 (en) Method and apparatus for personal information access control
EP1189388A3 (en) Devices, softwares, and methods for wireless devices to form a network on the fly by performing admission control in the second layer
DE60336393D1 (en) Method and system for monitoring service access
WO2002084456A3 (en) User identity verification system
HK1108793A1 (en) System and method for assigning a permanent personal identification number (pin) to a mobile communication device
ATE413766T1 (en) DEVICE AND METHOD FOR OPERATING A MOBILE COMMUNICATIONS DEVICE
DE60336564D1 (en) METHOD AND SYSTEM FOR COMMUNICATION MONITORING

Legal Events

Date Code Title Description
8327 Change in the person/name/address of the patent owner

Owner name: ALCATEL LUCENT, PARIS, FR

8364 No opposition during term of opposition